aa960d5d85afc66f9167de963f81911f4fd9cc35b7c2c3d82f866358292843acN | Triage

Sharing

General

Target

aa960d5d85afc66f9167de963f81911f4fd9cc35b7c2c3d82f866358292843acN
Size

57KB
MD5

26fa65aa9ef4b15475061bc3c0e4ddc0
SHA1

108208467a542c239b8b41f9b9b80b642284b8a6
SHA256

aa960d5d85afc66f9167de963f81911f4fd9cc35b7c2c3d82f866358292843ac
SHA512

8d8f89fc449cc6fd24eeb91492617f9648fa9b309cfb6598004efa68abfe265c5ea52cad01ba2c2d84430e0914480601f6aa12c05b7fa7088d44c2dd0ce65a8c
SSDEEP

768:RWO+3E4yjpTpVNSPpwALbL/r6A4sJxtaR0aoHz5TW4UPs4Lv7t1tEiPwn/Q:r4qNEPb6A4sJxtaRrGTWzs8H9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa960d5d85afc66f9167de963f81911f4fd9cc35b7c2c3d82f866358292843acN

Files

aa960d5d85afc66f9167de963f81911f4fd9cc35b7c2c3d82f866358292843acN
.exe windows:5 windows x86 arch:x86

a64ee764367f47bfe75a9e2aa9bf9559

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

msdtcexe.pdb

Imports

kernel32

GetCommandLineW
GetModuleHandleA
GetStartupInfoW

msvcrt

??2@YAPAXI@Z
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
wcstok
wcslen
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
wcscpy
??3@YAXPAX@Z
_initterm

msdtctm

ord4

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ahdbxig
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE